SlideShare une entreprise Scribd logo

Computer Forensics Techniques and Tools Explained

Télécharger en tant que PPT, PDF
Lalit Garg
Lalit Garg

When U delete a file it is not really deleted

Technologie
1  sur  22
Computer Forensics LALIT GARG 3610109 CSE-2NDYEAR
Index What is Computer Forensics Objective of Computer Forensics Why Computer Forensics History of Computer Forensics How it approaches Steps of Investigation What not to do during Investigation Computer Forensics Techniques
Index Anti-Forensics Computer Forensics Tools Advantages of Computer Forensics Disadvantages of Computer Forensics Conclusions
What is Computer Forensics Computer forensics is considered to be the use of analytical and investigative techniques to identify, collect, examine and preserve evidence/information which is magnetically stored or encoded
Objective of Computer Forensics Usually to provide digital evidence of a specific or general activity
Why Computer Forensics? - Employee internet abuse - Unauthorized disclosure of corporate information and data - Industrial espionage - Damage assessment - Criminal fraud and deception cases - More general criminal cases - and countless others!
History of Computer Forensics  Bankruptcy in Enron in December 2001  Hundreds of employees were left jobless while some executives seemed to benefit from the company's collapse.  The United States Congress decided to investigate and A specialized detective force began to search through hundreds of Enron employee computers using computer forensics.
How it approaches? -Secure the subject system (from tampering during the operation) -Take a copy of hard drive (if applicable) -Identify and recovery all files (including those deleted) - Access/copy hidden, protected and temporary files -Study 'special' areas on the drive (eg: residue from previously deleted files) - Investigate data/settings from installed applications/programs
How it approaches….cont -Assess the system as a whole, including its structure - Consider general factors relating to the users activity - Create detailed report. Throughout the investigation, it is important to stress that a full audit log of your activities should be maintained.
Steps of Investigation  Secure the computer system to ensure that the equipment and data are safe  Find every file on the computer system  Recover as much deleted information as possible using applications  Reveal the contents of all hidden files with programs designed to detect the presence of hidden data  Decrypt and access protected files
Cont…  Analyze special areas of the computer's disks  Document every step of the procedure  Be prepared to testify in court as an expert witness in computer forensics
What should not be done during investigation? -Avoid changing date/time stamps (of files for example) or changing data itself -Overwriting of unallocated space (which can happen on re-boot for example). 'Study don't change' is a useful catch-phrase.
Computer Forensics Technique  Cross-Drive Analysis(CDA)  Live Analysis  Deleted File Analysis
Anti-Forensics : The Nightmare  Programmers design anti-forensic tools to make it hard or impossible to retrieve information during an investigation  Dozens of ways people can hide information
Anti-Forensics…..contd.  Some programs can fool computers by changing the information in files' headers  Programs can divide files up into small sections and hide each section at the end of other files  Programs called packers can insert executable files into other kinds of files  Encryption is another way to hide data  Changing the metadata attached to files  Some computer applications will erase data if an unauthorized user tries to access the system
Computer Forensics Tools  Disk imaging software  Software or hardware write tools  Hashing tools  File recovery programs  Programs to preserve information in RAM  Encryption decoding software  Password cracking software
Advantages of Computer Forensics Ability to search through a massive amount of data  Quickly  Thoroughly  In any language
Disadvantages of Computer Forensics Digital evidence accepted into court  must prove that there is no tampering  all evidence must be fully accounted for  computer forensic specialists must have complete knowledge of legal requirements, evidence handling and storage and documentation procedures
Disadvantages of Computer Forensics Costs  producing electronic records & preserving them is extremely costly  Presents the potential for exposing privileged documents  Legal practitioners must have extensive computer knowledge
Conclusion With computers becoming more and more involved in our everyday lives, both professionally and socially, there is a need for computer forensics. This field will enable crucial electronic evidence to be found, whether it was lost, deleted, damaged, or hidden, and used to prosecute individuals that believe they have successfully beaten the system.
Thank You It’s nice to be important but it is more important to be nice
Any Query???

Recommandé

Digital Forensics
Digital ForensicsDigital Forensics
Digital ForensicsNicholas Davis
 
Cyber Forensics Module 2
Cyber Forensics Module 2Cyber Forensics Module 2
Cyber Forensics Module 2Manu Mathew Cherian
 
Computer forensics
Computer forensicsComputer forensics
Computer forensicsdeaneal
 
Computer forensics toolkit
Computer forensics toolkitComputer forensics toolkit
Computer forensics toolkitMilap Oza
 
Computer forensics powerpoint presentation
Computer forensics powerpoint presentationComputer forensics powerpoint presentation
Computer forensics powerpoint presentationSomya Johri
 
Digital forensics
Digital forensicsDigital forensics
Digital forensicsNicholas Davis
 
Computer forensics
Computer forensicsComputer forensics
Computer forensicsSCREAM138
 
Introduction to computer forensic
Introduction to computer forensicIntroduction to computer forensic
Introduction to computer forensicOnline
 

Recommandé

Digital Forensics
Digital ForensicsDigital Forensics
Digital ForensicsNicholas Davis
 
Cyber Forensics Module 2
Cyber Forensics Module 2Cyber Forensics Module 2
Cyber Forensics Module 2Manu Mathew Cherian
 
Computer forensics
Computer forensicsComputer forensics
Computer forensicsdeaneal
 
Computer forensics toolkit
Computer forensics toolkitComputer forensics toolkit
Computer forensics toolkitMilap Oza
 
Computer forensics powerpoint presentation
Computer forensics powerpoint presentationComputer forensics powerpoint presentation
Computer forensics powerpoint presentationSomya Johri
 
Digital forensics
Digital forensicsDigital forensics
Digital forensicsNicholas Davis
 
Computer forensics
Computer forensicsComputer forensics
Computer forensicsSCREAM138
 
Introduction to computer forensic
Introduction to computer forensicIntroduction to computer forensic
Introduction to computer forensicOnline
 
Digital Forensics by William C. Barker (NIST)
Digital Forensics by William C. Barker (NIST)Digital Forensics by William C. Barker (NIST)
Digital Forensics by William C. Barker (NIST)AltheimPrivacy
 
Computer forensic ppt
Computer forensic pptComputer forensic ppt
Computer forensic pptPriya Manik
 
Memory forensics.pptx
Memory forensics.pptxMemory forensics.pptx
Memory forensics.pptx9905234521
 
Memory Forensics
Memory ForensicsMemory Forensics
Memory Forensicsn|u - The Open Security Community
 
04 Evidence Collection and Data Seizure - Notes
04 Evidence Collection and Data Seizure - Notes04 Evidence Collection and Data Seizure - Notes
04 Evidence Collection and Data Seizure - NotesKranthi
 
cyber security and forensic tools
cyber security and forensic toolscyber security and forensic tools
cyber security and forensic toolsSonu Sunaliya
 
Forensics of a Windows System
Forensics of a Windows SystemForensics of a Windows System
Forensics of a Windows SystemConferencias FIST
 
Digital forensics
Digital forensicsDigital forensics
Digital forensicsyash sawarkar
 
Computer Forensic
Computer ForensicComputer Forensic
Computer ForensicNovizul Evendi
 
Digital Forensics
Digital ForensicsDigital Forensics
Digital ForensicsOldsun
 
Mobile Forensics
Mobile Forensics Mobile Forensics
Mobile Forensics abdullah roomi
 
Mobile Forensics
Mobile ForensicsMobile Forensics
Mobile Forensicsprimeteacher32
 
Digital Forensics
Digital ForensicsDigital Forensics
Digital ForensicsMithileysh Sathiyanarayanan
 
Intro to cyber forensics
Intro to cyber forensicsIntro to cyber forensics
Intro to cyber forensicsChaitanya Dhareshwar
 
CS6004 Cyber Forensics
CS6004 Cyber ForensicsCS6004 Cyber Forensics
CS6004 Cyber ForensicsKathirvel Ayyaswamy
 
Network forensic
Network forensicNetwork forensic
Network forensicManjushree Mashal
 
Digital forensics
Digital forensics Digital forensics
Digital forensics vishnuv43
 
Data recovery tools
Data recovery toolsData recovery tools
Data recovery toolsuniversity of Gujrat, pakistan
 
Email investigation
Email investigationEmail investigation
Email investigationAnimesh Shaw
 
Lecture 4,5, 6 comp forensics 19 9-2018 basic security
Lecture 4,5, 6 comp forensics 19 9-2018 basic securityLecture 4,5, 6 comp forensics 19 9-2018 basic security
Lecture 4,5, 6 comp forensics 19 9-2018 basic securityAlchemist095
 
Computer forensics ppt
Computer forensics pptComputer forensics ppt
Computer forensics pptNikhil Mashruwala
 
Digital forensics
Digital forensicsDigital forensics
Digital forensicsRoberto Ellis
 

Contenu connexe

Tendances

Digital Forensics by William C. Barker (NIST)
Digital Forensics by William C. Barker (NIST)Digital Forensics by William C. Barker (NIST)
Digital Forensics by William C. Barker (NIST)AltheimPrivacy
 
Computer forensic ppt
Computer forensic pptComputer forensic ppt
Computer forensic pptPriya Manik
 
Memory forensics.pptx
Memory forensics.pptxMemory forensics.pptx
Memory forensics.pptx9905234521
 
04 Evidence Collection and Data Seizure - Notes
04 Evidence Collection and Data Seizure - Notes04 Evidence Collection and Data Seizure - Notes
04 Evidence Collection and Data Seizure - NotesKranthi
 
cyber security and forensic tools
cyber security and forensic toolscyber security and forensic tools
cyber security and forensic toolsSonu Sunaliya
 
Forensics of a Windows System
Forensics of a Windows SystemForensics of a Windows System
Forensics of a Windows SystemConferencias FIST
 
Digital Forensics
Digital ForensicsDigital Forensics
Digital ForensicsOldsun
 
Digital forensics
Digital forensics Digital forensics
Digital forensics vishnuv43
 
Email investigation
Email investigationEmail investigation
Email investigationAnimesh Shaw
 
Lecture 4,5, 6 comp forensics 19 9-2018 basic security
Lecture 4,5, 6 comp forensics 19 9-2018 basic securityLecture 4,5, 6 comp forensics 19 9-2018 basic security
Lecture 4,5, 6 comp forensics 19 9-2018 basic securityAlchemist095
 

Tendances (20)

Digital Forensics by William C. Barker (NIST)
Digital Forensics by William C. Barker (NIST)Digital Forensics by William C. Barker (NIST)
Digital Forensics by William C. Barker (NIST)
 
Computer forensic ppt
Computer forensic pptComputer forensic ppt
Computer forensic ppt
 
Memory forensics.pptx
Memory forensics.pptxMemory forensics.pptx
Memory forensics.pptx
 
Memory Forensics
Memory ForensicsMemory Forensics
Memory Forensics
 
04 Evidence Collection and Data Seizure - Notes
04 Evidence Collection and Data Seizure - Notes04 Evidence Collection and Data Seizure - Notes
04 Evidence Collection and Data Seizure - Notes
 
cyber security and forensic tools
cyber security and forensic toolscyber security and forensic tools
cyber security and forensic tools
 
Forensics of a Windows System
Forensics of a Windows SystemForensics of a Windows System
Forensics of a Windows System
 
Digital forensics
Digital forensicsDigital forensics
Digital forensics
 
Computer Forensic
Computer ForensicComputer Forensic
Computer Forensic
 
Digital Forensics
Digital ForensicsDigital Forensics
Digital Forensics
 
Mobile Forensics
Mobile Forensics Mobile Forensics
Mobile Forensics
 
Mobile Forensics
Mobile ForensicsMobile Forensics
Mobile Forensics
 
Digital Forensics
Digital ForensicsDigital Forensics
Digital Forensics
 
Intro to cyber forensics
Intro to cyber forensicsIntro to cyber forensics
Intro to cyber forensics
 
CS6004 Cyber Forensics
CS6004 Cyber ForensicsCS6004 Cyber Forensics
CS6004 Cyber Forensics
 
Network forensic
Network forensicNetwork forensic
Network forensic
 
Digital forensics
Digital forensics Digital forensics
Digital forensics
 
Data recovery tools
Data recovery toolsData recovery tools
Data recovery tools
 
Email investigation
Email investigationEmail investigation
Email investigation
 
Lecture 4,5, 6 comp forensics 19 9-2018 basic security
Lecture 4,5, 6 comp forensics 19 9-2018 basic securityLecture 4,5, 6 comp forensics 19 9-2018 basic security
Lecture 4,5, 6 comp forensics 19 9-2018 basic security
 

En vedette

Computer +forensics
Computer +forensicsComputer +forensics
Computer +forensicsRahul Baghla
 
Digital Crime & Forensics - Presentation
Digital Crime & Forensics - PresentationDigital Crime & Forensics - Presentation
Digital Crime & Forensics - Presentationprashant3535
 
01 computer%20 forensics%20in%20todays%20world
01 computer%20 forensics%20in%20todays%20world01 computer%20 forensics%20in%20todays%20world
01 computer%20 forensics%20in%20todays%20worldAqib Memon
 
Secure lab setup for cyber security
Secure lab setup for cyber securitySecure lab setup for cyber security
Secure lab setup for cyber securityBirju Tank
 
Forensic laboratory setup requirements
Forensic laboratory setup requirementsForensic laboratory setup requirements
Forensic laboratory setup requirementsSonali Parab
 
Forensic Lab Development
Forensic Lab DevelopmentForensic Lab Development
Forensic Lab Developmentamiable_indian
 
01 Computer Forensics Fundamentals - Notes
01 Computer Forensics Fundamentals - Notes01 Computer Forensics Fundamentals - Notes
01 Computer Forensics Fundamentals - NotesKranthi
 
Computer forensics and its role
Computer forensics and its roleComputer forensics and its role
Computer forensics and its roleSudeshna Basak
 
Computer Forensic Softwares
Computer Forensic SoftwaresComputer Forensic Softwares
Computer Forensic SoftwaresDhruv Seth
 
computer forensics
computer forensicscomputer forensics
computer forensicsAkhil Kumar
 
Forensic laboratory setup requirements
Forensic laboratory setup requirements Forensic laboratory setup requirements
Forensic laboratory setup requirements Sonali Parab
 
Chfi V3 Module 01 Computer Forensics In Todays World
Chfi V3 Module 01 Computer Forensics In Todays WorldChfi V3 Module 01 Computer Forensics In Todays World
Chfi V3 Module 01 Computer Forensics In Todays Worldgueste0d962
 
Proliferasi Nuklir Era Kontemporer: Kapabilitas Nuklir Korea Utara 2003-2013
Proliferasi Nuklir Era Kontemporer: Kapabilitas Nuklir Korea Utara 2003-2013Proliferasi Nuklir Era Kontemporer: Kapabilitas Nuklir Korea Utara 2003-2013
Proliferasi Nuklir Era Kontemporer: Kapabilitas Nuklir Korea Utara 2003-2013Devindra Oktaviano
 
Identifikasi forensik
Identifikasi forensikIdentifikasi forensik
Identifikasi forensikAmirul Hadi
 
Nuix Presentation
Nuix PresentationNuix Presentation
Nuix Presentationtbonk_dti
 

En vedette (20)

Computer forensics ppt
Computer forensics pptComputer forensics ppt
Computer forensics ppt
 
Digital forensics
Digital forensicsDigital forensics
Digital forensics
 
Computer +forensics
Computer +forensicsComputer +forensics
Computer +forensics
 
Computer forensics
Computer forensicsComputer forensics
Computer forensics
 
Digital Crime & Forensics - Presentation
Digital Crime & Forensics - PresentationDigital Crime & Forensics - Presentation
Digital Crime & Forensics - Presentation
 
01 computer%20 forensics%20in%20todays%20world
01 computer%20 forensics%20in%20todays%20world01 computer%20 forensics%20in%20todays%20world
01 computer%20 forensics%20in%20todays%20world
 
Slideshare ppt
Slideshare pptSlideshare ppt
Slideshare ppt
 
Secure lab setup for cyber security
Secure lab setup for cyber securitySecure lab setup for cyber security
Secure lab setup for cyber security
 
Forensic laboratory setup requirements
Forensic laboratory setup requirementsForensic laboratory setup requirements
Forensic laboratory setup requirements
 
Forensic Lab Development
Forensic Lab DevelopmentForensic Lab Development
Forensic Lab Development
 
01 Computer Forensics Fundamentals - Notes
01 Computer Forensics Fundamentals - Notes01 Computer Forensics Fundamentals - Notes
01 Computer Forensics Fundamentals - Notes
 
Computer forensics and its role
Computer forensics and its roleComputer forensics and its role
Computer forensics and its role
 
Computer Forensic Softwares
Computer Forensic SoftwaresComputer Forensic Softwares
Computer Forensic Softwares
 
computer forensics
computer forensicscomputer forensics
computer forensics
 
Forensic laboratory setup requirements
Forensic laboratory setup requirements Forensic laboratory setup requirements
Forensic laboratory setup requirements
 
Chfi V3 Module 01 Computer Forensics In Todays World
Chfi V3 Module 01 Computer Forensics In Todays WorldChfi V3 Module 01 Computer Forensics In Todays World
Chfi V3 Module 01 Computer Forensics In Todays World
 
Proliferasi Nuklir Era Kontemporer: Kapabilitas Nuklir Korea Utara 2003-2013
Proliferasi Nuklir Era Kontemporer: Kapabilitas Nuklir Korea Utara 2003-2013Proliferasi Nuklir Era Kontemporer: Kapabilitas Nuklir Korea Utara 2003-2013
Proliferasi Nuklir Era Kontemporer: Kapabilitas Nuklir Korea Utara 2003-2013
 
Identifikasi forensik
Identifikasi forensikIdentifikasi forensik
Identifikasi forensik
 
Nuix Presentation
Nuix PresentationNuix Presentation
Nuix Presentation
 
Luka Tembak Forensik
Luka Tembak ForensikLuka Tembak Forensik
Luka Tembak Forensik
 

Similaire à Computer Forensics Techniques and Tools Explained

computerforensics-140529094816-phpapp01 (1).pdf
computerforensics-140529094816-phpapp01 (1).pdfcomputerforensics-140529094816-phpapp01 (1).pdf
computerforensics-140529094816-phpapp01 (1).pdfGnanavi2
 
Computer forensics Slides
Computer forensics SlidesComputer forensics Slides
Computer forensics SlidesVarun Sehgal
 
Analysis of digital evidence
Analysis of digital evidenceAnalysis of digital evidence
Analysis of digital evidencerakesh mishra
 
05 Duplication and Preservation of Digital evidence - Notes
05 Duplication and Preservation of Digital evidence - Notes05 Duplication and Preservation of Digital evidence - Notes
05 Duplication and Preservation of Digital evidence - NotesKranthi
 
4.content (computer forensic)
4.content (computer forensic)4.content (computer forensic)
4.content (computer forensic)JIEMS Akkalkuwa
 
computerforensics-140212060522-phpapp02.pdf
computerforensics-140212060522-phpapp02.pdfcomputerforensics-140212060522-phpapp02.pdf
computerforensics-140212060522-phpapp02.pdfGnanavi2
 
Evidence and data
Evidence and dataEvidence and data
Evidence and dataAtul Rai
 
To get round to the heart of fortress
To get round to the heart of fortressTo get round to the heart of fortress
To get round to the heart of fortressSTO STRATEGY
 
Business Intelligence (BI) Tools For Computer Forensic
Business Intelligence (BI) Tools For Computer ForensicBusiness Intelligence (BI) Tools For Computer Forensic
Business Intelligence (BI) Tools For Computer ForensicDhiren Gala
 
02 Types of Computer Forensics Technology - Notes
02 Types of Computer Forensics Technology - Notes02 Types of Computer Forensics Technology - Notes
02 Types of Computer Forensics Technology - NotesKranthi
 
Role of a Forensic Investigator
Role of a Forensic InvestigatorRole of a Forensic Investigator
Role of a Forensic InvestigatorAgape Inc
 
Computer Forensics
Computer ForensicsComputer Forensics
Computer ForensicsBense Tony
 
Cyber&digital forensics report
Cyber&digital forensics reportCyber&digital forensics report
Cyber&digital forensics reportyash sawarkar
 

Similaire à Computer Forensics Techniques and Tools Explained (20)

computerforensics-140529094816-phpapp01 (1).pdf
computerforensics-140529094816-phpapp01 (1).pdfcomputerforensics-140529094816-phpapp01 (1).pdf
computerforensics-140529094816-phpapp01 (1).pdf
 
Computer forensics Slides
Computer forensics SlidesComputer forensics Slides
Computer forensics Slides
 
Computer forensic
Computer forensicComputer forensic
Computer forensic
 
Analysis of digital evidence
Analysis of digital evidenceAnalysis of digital evidence
Analysis of digital evidence
 
Cyber forensics
Cyber forensicsCyber forensics
Cyber forensics
 
Computer forencis
Computer forencisComputer forencis
Computer forencis
 
Latest presentation
Latest presentationLatest presentation
Latest presentation
 
Sujit
SujitSujit
Sujit
 
05 Duplication and Preservation of Digital evidence - Notes
05 Duplication and Preservation of Digital evidence - Notes05 Duplication and Preservation of Digital evidence - Notes
05 Duplication and Preservation of Digital evidence - Notes
 
4.content (computer forensic)
4.content (computer forensic)4.content (computer forensic)
4.content (computer forensic)
 
computerforensics-140212060522-phpapp02.pdf
computerforensics-140212060522-phpapp02.pdfcomputerforensics-140212060522-phpapp02.pdf
computerforensics-140212060522-phpapp02.pdf
 
Evidence and data
Evidence and dataEvidence and data
Evidence and data
 
To get round to the heart of fortress
To get round to the heart of fortressTo get round to the heart of fortress
To get round to the heart of fortress
 
Computer forensic
Computer forensicComputer forensic
Computer forensic
 
Business Intelligence (BI) Tools For Computer Forensic
Business Intelligence (BI) Tools For Computer ForensicBusiness Intelligence (BI) Tools For Computer Forensic
Business Intelligence (BI) Tools For Computer Forensic
 
Digital forensics
Digital forensicsDigital forensics
Digital forensics
 
02 Types of Computer Forensics Technology - Notes
02 Types of Computer Forensics Technology - Notes02 Types of Computer Forensics Technology - Notes
02 Types of Computer Forensics Technology - Notes
 
Role of a Forensic Investigator
Role of a Forensic InvestigatorRole of a Forensic Investigator
Role of a Forensic Investigator
 
Computer Forensics
Computer ForensicsComputer Forensics
Computer Forensics
 
Cyber&digital forensics report
Cyber&digital forensics reportCyber&digital forensics report
Cyber&digital forensics report
 

Dernier

Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Manik S Magar
 
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxUse of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxLoriGlavin3
 
Rise of the Machines: Known As Drones...
Rise of the Machines: Known As Drones...Rise of the Machines: Known As Drones...
Rise of the Machines: Known As Drones...Rick Flair
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Commit University
 
Time Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsTime Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsNathaniel Shimoni
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfAddepto
 
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxDigital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxLoriGlavin3
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxLoriGlavin3
 
Artificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxArtificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxhariprasad279825
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLScyllaDB
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek SchlawackFwdays
 
unit 4 immunoblotting technique complete.pptx
unit 4 immunoblotting technique complete.pptxunit 4 immunoblotting technique complete.pptx
unit 4 immunoblotting technique complete.pptxBkGupta21
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr BaganFwdays
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsPixlogix Infotech
 
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxThe Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxLoriGlavin3
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.Curtis Poe
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsSergiu Bodiu
 
From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .Alan Dix
 

Dernier (20)

Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!
 
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxUse of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
 
Rise of the Machines: Known As Drones...
Rise of the Machines: Known As Drones...Rise of the Machines: Known As Drones...
Rise of the Machines: Known As Drones...
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!
 
Time Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsTime Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directions
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdf
 
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxDigital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
 
Artificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxArtificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptx
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQL
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
 
unit 4 immunoblotting technique complete.pptx
unit 4 immunoblotting technique complete.pptxunit 4 immunoblotting technique complete.pptx
unit 4 immunoblotting technique complete.pptx
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and Cons
 
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxThe Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platforms
 
From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .
 

Computer Forensics Techniques and Tools Explained

  • 1. Computer Forensics LALIT GARG 3610109 CSE-2NDYEAR
  • 2. Index What is Computer Forensics Objective of Computer Forensics Why Computer Forensics History of Computer Forensics How it approaches Steps of Investigation What not to do during Investigation Computer Forensics Techniques
  • 3. Index Anti-Forensics Computer Forensics Tools Advantages of Computer Forensics Disadvantages of Computer Forensics Conclusions
  • 4. What is Computer Forensics Computer forensics is considered to be the use of analytical and investigative techniques to identify, collect, examine and preserve evidence/information which is magnetically stored or encoded
  • 5. Objective of Computer Forensics Usually to provide digital evidence of a specific or general activity
  • 6. Why Computer Forensics? - Employee internet abuse - Unauthorized disclosure of corporate information and data - Industrial espionage - Damage assessment - Criminal fraud and deception cases - More general criminal cases - and countless others!
  • 7. History of Computer Forensics  Bankruptcy in Enron in December 2001  Hundreds of employees were left jobless while some executives seemed to benefit from the company's collapse.  The United States Congress decided to investigate and A specialized detective force began to search through hundreds of Enron employee computers using computer forensics.
  • 8. How it approaches? -Secure the subject system (from tampering during the operation) -Take a copy of hard drive (if applicable) -Identify and recovery all files (including those deleted) - Access/copy hidden, protected and temporary files -Study 'special' areas on the drive (eg: residue from previously deleted files) - Investigate data/settings from installed applications/programs
  • 9. How it approaches….cont -Assess the system as a whole, including its structure - Consider general factors relating to the users activity - Create detailed report. Throughout the investigation, it is important to stress that a full audit log of your activities should be maintained.
  • 10. Steps of Investigation  Secure the computer system to ensure that the equipment and data are safe  Find every file on the computer system  Recover as much deleted information as possible using applications  Reveal the contents of all hidden files with programs designed to detect the presence of hidden data  Decrypt and access protected files
  • 11. Cont…  Analyze special areas of the computer's disks  Document every step of the procedure  Be prepared to testify in court as an expert witness in computer forensics
  • 12. What should not be done during investigation? -Avoid changing date/time stamps (of files for example) or changing data itself -Overwriting of unallocated space (which can happen on re-boot for example). 'Study don't change' is a useful catch-phrase.
  • 13. Computer Forensics Technique  Cross-Drive Analysis(CDA)  Live Analysis  Deleted File Analysis
  • 14. Anti-Forensics : The Nightmare  Programmers design anti-forensic tools to make it hard or impossible to retrieve information during an investigation  Dozens of ways people can hide information
  • 15. Anti-Forensics…..contd.  Some programs can fool computers by changing the information in files' headers  Programs can divide files up into small sections and hide each section at the end of other files  Programs called packers can insert executable files into other kinds of files  Encryption is another way to hide data  Changing the metadata attached to files  Some computer applications will erase data if an unauthorized user tries to access the system
  • 16. Computer Forensics Tools  Disk imaging software  Software or hardware write tools  Hashing tools  File recovery programs  Programs to preserve information in RAM  Encryption decoding software  Password cracking software
  • 17. Advantages of Computer Forensics Ability to search through a massive amount of data  Quickly  Thoroughly  In any language
  • 18. Disadvantages of Computer Forensics Digital evidence accepted into court  must prove that there is no tampering  all evidence must be fully accounted for  computer forensic specialists must have complete knowledge of legal requirements, evidence handling and storage and documentation procedures
  • 19. Disadvantages of Computer Forensics Costs  producing electronic records & preserving them is extremely costly  Presents the potential for exposing privileged documents  Legal practitioners must have extensive computer knowledge
  • 20. Conclusion With computers becoming more and more involved in our everyday lives, both professionally and socially, there is a need for computer forensics. This field will enable crucial electronic evidence to be found, whether it was lost, deleted, damaged, or hidden, and used to prosecute individuals that believe they have successfully beaten the system.
  • 21. Thank You It’s nice to be important but it is more important to be nice

Notes de l'éditeur

  1. 03/22/12 Computer Forensics-Sara Faust
  2. 03/22/12 Computer Forensics-Sara Faust